
The only thing that prevents Apple, Microsoft, or Ubuntu from executing arbitrary code on your system is their promise to keep the scope of updates limited. You already operate under this trust model.


> You already operate under this trust model.

Do I? Can you elaborate? Do you notice a difference between a company (potentially) doing this behind closed doors and as quietly as possible and doing this in a public official way?

What if I tell you I don't use any of the operating systems you listed? Does your answer change?

I have a question: Would you welcome such a move? Do you believe that taking things a bit further would be nice because "we might catch a few criminals"?


If you are not compiling your operating system, every library and every application from scratch then you are blindly trusting third parties.

And if you are assuming Apple can't be trusted when they say they won't expand this to non-CSAM use cases then not sure why you would then trust Microsoft, Ubuntu etc.


> If you are not compiling your operating system, every library and every application from scratch then you are blindly trusting third parties.

This implies that trust is always the same and that if you trust one entity (because you did not even limit your answer to corporations) you are supposed to trust everyone and if that is not the case then you have some kind of logical error in your thinking. It also implies that losing the trust in one entity, but not some other, doesn't make sense somehow.


That makes sense—so long as you lose trust in the entity when they actually betray that trust.


but once a system is in place, it becomes easier to do things that are a variation on what that system already does. As opposed to doing it from scratch.

Also, I think the outcry would be larger if they did it from scratch compared to if they did it as an extension to some existing, known capability. If that's the case, they'd have less to lose in doing such a thing if the base system is already in place.


> but once a system is in place

No, the GP was correct. As soon as any closed-source software implements automatic software updates, you're always one malicious update away from the system betraying you. Having "a system in place" for doing potentially evil things is unnecessary. Interim steps of any kind are unnecessary.

What Apple has done this week doesn't bring the iPhone closer or further to your hypothetical dystopia than it already was. Or Chrome, or Windows, or Android, etc. They update themselves. Every update your devices have done in the past decade could have betrayed you.

Anything that automatically updates is always one step away.


Yes, it's always "one malicious update away", but what I'm saying is different to that.

You're talking about "installing" a change, and talking more about their capability to change what happens with your data.

I'm talking about 1) the effort required to _write_ the change and -- more importantly -- 2) the potential backlash being different as to whether it's a modification of an existing functionality vs an entirely new type of functionality. This second point is a major one, because it would be seen as much worse if it looks to the public like they've gone out of their way to do something wrong, and would be much more damaging to their reputation. IMO anyway.


Great explainer why this won’t happen:

https://pingthread.com/thread/1424873629003702273

> For the conspiracy to work, it'd need Apple, NCMEC and DOJ working together to pull it off voluntarily and it to never leak. If that's your threat model, OK, but that's a huge conspiracy with enormous risk to all participants


I'm not sure how that's relevant to my comment. I'm not saying any particular thing will happen. I was just disagreeing with the person who said "The only thing that prevents ... from executing arbitrary code on your system is their promise to keep the scope of updates limited. You already operate under this trust model." My disagreement is that it's more complex than "the only thing".


No, it does not require Apple, NCMEC and DOJ working together.

Apple could intercept hashes that are sent and compare to their own database.

Someone in the NCMEC could add non-CSAM hashes to their database.


It sounds like you didn't read what I posted, and why the NCMEC can't just add arbitrary hashes.



